Google reveals 180% increase in hacked websites

Google's webmaster security awareness campaign, #NoHacked, is back for a second round and begins its discourse with a rather alarming finding.

Over the course of the last year, Google has noticed a 180% increase in the number of websites being hacked. That's a significant increase and one which Google hopes to ameliorate by educating webmasters in the precautions they can take to ensure their sites are not targeted via their #NoHacked campaign.

Four main items that webmasters can get to grips with are highlighted in Google's latest blog post - password security, software updates, hosting provider and Google services. All the considerations are common-sense but worth reiterating.

While a strong password is key to security, Google takes the issue one step further. As well as a combination of letters, numbers and symbols, Google suggests that length is also a factor as well as using different passwords on different. Google also suggests turning on 2-factor identification to significantly enhance security.

Using outdated software is, says Google, a common way for hackers to take control of a website. To this end, checking a website regularly for outdated software, removing any add-ons or software that is not needed, and using updates that patch security holes is necessary not just to avoid hacking but also to maximize website performance.

"If you use a web server like Apache, nginx or commercial web server software, make sure you keep your web server software patched," says Eric Kuan, Webmaster Relations Specialist. "If you use a Content Management System (CMS) or any plug-ins or add-ons on your site, make sure to keep these tools updated with new releases. Also, sign up to the security announcement lists for your web server software and your CMS if you use one."

Those using a hosting provider, rather than managing their own servers, should enquire as to whether they offer on-demand support for dealing with hacking issues, says Google.

Finally, Google recommends that webmasters take advantage of services they offer that will notify if a site has been compromised. As well as Google Search Console - Google's way of communicating with webmasters about issues on a website including if they have detected hacked content - it is recommended that webmasters set up Google Alerts.

"For example, if you run a site selling pet accessories called www.example.com, you can set up an alert for [site:example.com cheap software] to alert you if any hacked content about cheap software suddenly starts appearing on your site," says Google. "You can set up multiple alerts for your site for different spammy terms. If you're unsure what spammy terms to use, you can use Google to search for common spammy terms."